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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims 

1 . (Currently amended) A method for implementing security features at a portal server, 
comprising: 

receiving a first request from a client; 

in response to receiving the first request, authenticating the client; 

consulting a database to determine access privileges of the authenticated client for 
interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

generating code containing selectable interactions with the applications, wherein any 
authentication for the selectable interactions is performed within the portal server sending the 
code to the client; 

responsive to sending the code to the client, receiving a second request from the client, 
wherein the second request contains a selection of at least one of the selectable interactions; 
determining from the selection a set of backend servers to process the second request; 
forwarding the second request to the set of backend servers; 

receiving results corresponding to the second request from applications executing on the 
backend servers; and 

sending the results to the client, wherein sending the results to the client further 
comprises: 

(i) generating further selectable interactions for at least two different applications 
selected from the applications located at the backend servers, wherein the backend servers are 
located outside the portal server ; and 

(ii) sending the further selectable interactions with the results to the client 
wherein the further selectable interactions for the at least two different applications located 
outside the portal server and the results are allowed to be displayed in a single Web page at the 
client . 

2. (Canceled) 



Page 2 of 22 



Amdt. dated July 20, 2006 

Reply to Office action of 4/20/2006 



Serial No. 10/090,556 
Docket No. SJO920010066US1 
Firm No. 0037.0017 



3. (Canceled) 

4. (Original) The method of claim 1, wherein the portal server is a Web server and the 
portal server comprises a portal application. 

5. (Original) The method of claim 1, wherein the database comprises a plurality of 
generic objects, wherein each generic object contains the access privileges related to a user for 
the elements of the plurality of applications. 

6. (Original) The method of claim 5, wherein the access privileges indicate write 

access. 

7. (Original) The method of claim 5, wherein the database is in the form of a table. 

8. (Original) The method of claim 1 wherein the code is in a form that can be rendered 
into a Web page. 

9. (Original) The method of claim 8, wherein the form of the code is comprised of 
active code, wherein the active code can be executed on the client. 

10. (Previously presented) The method of claim 1, wherein the selectable interactions 
correspond to operations within the applications and resources related to the applications, and 
wherein the applications, the operations within the applications, and the resources related to the 
applications are displayed on a single Web page. 

11. (Original) The method of claim 1, wherein the selectable interactions correspond to 
resources related to the applications. 



Page 3 of 22 



Amdt. dated July 20, 2006 Serial No. 1 0/090,556 

Reply to Office action of 4/20/2006 Docket No. SJO920010066US1 

Firm No. 0037.0017 

12. (Original) The method of claim 11, wherein the resources are selected from the 
group consisting of multimedia content, objects, files, attributes of objects, program elements, 
database objects, table entries. 

13. (Currently amended) A method at a backend system for securely making available a 
backend application, comprising: 

creating data structures corresponding to interactions with the backend application; 

associating privileges for each of the data structures, wherein the privileges are fully 
checked at a portal application separately hosted from the backend application; 

receiving, at the backend application, a request from the portal application for reading the 
data structures; and 

sending, from the backend application, the data structures to the portal application, 
wherein the interactions are operations that can be performed on the backend application and on 
resources related to the backend application, and wherein the backend application, the operations 
that can be performed on the backend application, and the resources related to the backend 
application arc displayed on a single Web page on a client , wherein the portal application is 
included in a portal server, wherein the backend application is included in a backend server 
located outside the portal server, and wherein selectable interactions for at least two different 
backend applications located outside the portal server and results corresponding to at least one 
earlier operation are allowed to be displayed on the single Web page on the client . 

14. (Previously presented) The method of claim 13, further comprising: 
receiving a request for an interaction with the backend application from the portal 

application; 

processing the request without checking for the privileges; and 
sending the results of processing the request to the portal application. 

15. (Original) The method of claim 13, wherein the data structures are data objects. 

16. (Original) The method of claim 13, wherein a representation of the data structure is 
from the group consisting of a relational database, an XML document and a class. 



Page 4 of 22 



Amdt. dated July 20, 2006 

Reply to Office action of 4/20/2006 



Serial No. 10/090,556 
Docket No. SJO920010066US1 
Firm No. 0037.0017 



17. (Canceled) 

18. (Previously presented) The method of claim 13, wherein the interactions relate to 
resources associated with the backend application. 

19. (Currently amended) A method for accessing a group of applications at a client 
computer comprising: 

authenticating with a portal server; 

receiving a list of backend applications and interactions that can be performed with the 
backend applications from a portal application located in the portal server, wherein the backend 
applications are stored at backend servers that are different from the portal server; 

selecting an interaction; and 

receiving results based on the selection of the interaction without authenticating with the 
backend servers, wherein receiving the results further comprises receiving a set of further 
interactions selectable by the client computer, wherein the portal server performs all necessary 
authentications of the client computer, and wherein the backend servers avoid any authentication 
of the client computer , wherein the backend applications are stored at the backend servers 
located outside the portal server, and wherein selectable interactions for at least two different 
backend applications located outside the portal server and results corresponding to at least one 
earlier operation are allowed to be displayed on a single Web page on the client computer . 

20. (Canceled) 

21. (Original) The method of claim 19, wherein authenticating, receiving the list, 
selecting, and receiving results are at a Web browser. 

22. (Currently amended) A system for implementing security features, comprising: 
a portal server; 

means for receiving a first request from a client at the portal server; 

means for authenticating the client, in response to receiving the first request; 
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means for consulting a database to determine access privileges of the authenticated client 
for interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

means for generating code containing selectable interactions with the applications, 
wherein any authentication for the selectable interactions is performed within the portal server; 
means for sending the code to the client; 

means for receiving a second request from the client in response to sending the code to 
the client, wherein the second request contains a selection of at least one of the selectable 
interactions; 

means for determining from the selection a set of backend servers to process the second 
request; 

means for forwarding the second request to the set of backend servers; 

means for receiving results corresponding to the second request from applications 
executing on the backend servers; and 

means for sending the results to the client, wherein the means for sending the results to 
the client further performs: 

(i) generating further selectable interactions for at least two different applications 
selected from the applications located at the backend servers, wherein the backend servers are 
located outside the portal server ; and 

(ii) sending the further selectable interactions with the results to the client 
wherein the further selectable interactions for the at least two different applications located 
outside the portal server and the results are allowed to be displayed in a single Web page at the 
client . 

23. (Canceled) 

24. (Canceled) 

25. (Previously presented) The system of claim 22, wherein the database comprises a 
plurality of generic objects, wherein each generic object contains the access privileges related to 
a user for the elements of the plurality of applications, wherein the database is in the form of a 
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table, wherein the selectable interactions correspond to operations within the applications and 
resources related to the applications, and wherein the applications, the operations within the 
applications, and the resources related to the applications are displayed on a single Web page. 



26. (Currently amended) A system for securely making available a backend application, 
comprising: 

a backend system hosting the backend application; 

means for creating data structures at the backend system corresponding to interactions 
with the backend application; 

means for associating privileges for each of the data structures, wherein the privileges are 
fully checked at a portal application separately hosted from the backend application; 

means for receiving, at the backend application, a request from the portal application for 
reading the data structures; and 

means for sending, from the backend application, the data structures to the portal 
application; 

means for receiving a request for an interaction with the backend application from the 
portal application; 

means for processing the request without checking for the privileges; and 
means for sending the results of processing the request to the portal application , wherein 
the interaction is an operation that can be performed on the backend application and on resources 
related to the backend application, wherein the backend application, operations that can be 
performed on the backend application, and resources related to the backend application are 
displayed on a single Web page on a client, wherein the portal application is included in a portal 
server, wherein the backend server hosting the backend application is located outside the portal 
server, and wherein selectable interactions for at least two different backend applications located 
outside the portal server and results corresponding to at least one earlier operation are allowed to 
be displayed on the single Web page on the client . 



27. (Canceled) 
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28. (Currently amended) A system for accessing a group of applications comprising: 
a client computer; 

means for authenticating with a portal server from the client computer; 

means for receiving a list of backend applications and interactions that can be performed 
with the backend applications from a portal application located in the portal server, wherein the 
backend applications are stored at backend servers that are different from the portal server; 

means for selecting an interaction; and 

means for receiving results based on the selection of the interaction without 
authenticating with the backend servers, wherein the means for receiving the results further 
performs receiving a set of further interactions selectable by the client computer, wherein the 
portal server performs all necessary authentications of the client computer, and wherein the 
backend servers avoid any authentication of the client compute r, wherein the backend 
applications are stored in the backend servers located outside the portal server, and wherein 
selectable interactions for at least two different backend applications located outside the portal 
server and results corresponding to at least one earlier operation arc allowed to be displayed on a 
single Web page on the client computer . 



29. (Canceled) 

30. (Currently amended) An article of manufacture including code for implementing 
security features at a portal server, wherein the code is capable of causing operations, the 
operations comprising: 

receiving a first request from a client; 

in response to receiving the first request, authenticating the client; 

consulting a database to determine access privileges of the authenticated client for 
interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

generating code containing selectable interactions with the applications, wherein any 
authentication for the selectable interactions is performed within the portal server; 
sending the code to the client; 
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responsive to sending the code to the client, receiving a second request from the client, 
wherein the second request contains a selection of at least one of the selectable interactions; 
determining from the selection a set of backend servers to process the second request; 
forwarding the second request to the set of backend servers; 

receiving results corresponding to the second request from applications executing on the 
backend servers; and 

sending the results to the client, wherein sending the results to the client further 
comprises: 

(i) generating further selectable interactions for at least two different applications 
selected from the applications located at the backend servers, wherein the backend servers are 
located outside the portal server ; and 

(ii) sending the further selectable interactions with the results to the client 4 
wherein the further selectable interactions for the at least two different applications located 
outside t he portal server and the results arc allowed to be displayed in a single Web page at the 
client . 



31. (Canceled) 

32. (Canceled) 

33. (Original) The article of manufacture of claim 30, wherein the portal server is a Web 
server and the portal server comprises a portal application. 

34. (Original) The article of manufacture of claim 30, wherein the database comprises a 
plurality of generic objects, wherein each generic object contains the access privileges related to 
a user for the elements of the plurality of applications. 

35. (Original) The article of manufacture of claim 34, wherein the access privileges 
indicate write access. 
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36. (Original) The article of manufacture of claim 34, wherein the database is in the 
form of a table. 

37. (Original) The article of manufacture of claim 30 wherein the code is in a form that 
can be rendered into a Web page. 

38. (Original) The article of manufacture of claim 37, wherein the form of the code is 
comprised of active code, wherein the active code can be executed on the client. 

39. (Previously presented) The article of manufacture of claim 30, wherein the 
selectable interactions correspond to operations within the applications and resources related to 
the applications, and wherein the applications, the operations within the applications, and the 
resources related to the applications are displayed on a single Web page. 

40. (Original) The article of manufacture of claim 30, wherein the selectable interactions 
correspond to resources related to the applications. 

41. (Original) The article of manufacture of claim 40, wherein the resources are selected 
from the group consisting of multimedia content, objects, files, attributes of objects, program 
elements, database objects, table entries. 

42. (Currently amended) An article of manufacture, including code for securely making 
available a backend application at a backend system, wherein the code is capable of causing 
operations, the operations comprising: 

creating data structures corresponding to interactions with the backend application; 

associating privileges for each of the data structures, wherein the privileges are fully 
checked at a portal application separately hosted from the backend application; 

receiving, at the backend application, a request from the portal application for reading 
the data structures; and 

sending, from the backend application, the data structures to the portal application, 
wherein the interactions are operations that can be performed on the backend application and on 
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resources related to the backend application, and wherein the backend application, the operations 
that can be performed on the backend application, and the resources related to the backend 
application are displayed on a single Web page on a clien t, wherein the portal application is 
included in a portal server, wherein the backend application is included in a backend server 
located outside the portal server, and wherein selectable interactions for at least two different 
backend applications located outside the portal server and results corresponding to at least one 
earlier operation are allowed to be displayed on the single Web page on the client . 

43. (Previously presented) The article of manufacture of claim 42, further comprising: 
receiving a request for an interaction with the backend application from the portal 

application; 

processing the request without checking for the privileges; and 
sending the results of processing the request to the portal application. 

44. (Original) The article of manufacture of claim 42, wherein the data structures are 
data objects. 

45. (Original) The article of manufacture of claim 42, wherein a representation of the 
data structure is from the group consisting of a relational database, an XML document and a 
class. 

46. (Canceled) 

47. (Previously presented) The article of manufacture of claim 42, wherein the 
interactions relate to resources associated with the backend application. 

48. (Currently amended) An article of manufacture, including code for accessing a group 
of applications at a client computer, wherein the code is capable of causing operations, the 
operations comprising: 

authenticating with a portal server; 
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receiving a list of backend applications and interactions that can be performed with the 
backend applications from a portal application located in the portal server, wherein the backend 
applications are stored at backend servers that are different from the portal server; 

selecting an interaction; and 

receiving results based on the selection of the interaction without authenticating with the 
backend servers, wherein receiving the results further comprises receiving a set of further 
interactions selectable by the client computer, wherein the portal server performs all necessary 
authentications of the client computer, and wherein the backend servers avoid any authentication 
of the client computer , wherein the backend applications are stored at the backend servers 
located outside the portal server, and wherein selectable interactions for at least two different 
backend applications located outside the portal server and results corresponding to at least one 
earlier operation are allowed to be displayed on a single Web page on the client computer . 

49. (Canceled) 

50. (Original) The article of manufacture of claim 48, wherein authenticating, receiving 
the list, selecting, and receiving results are at a Web browser. 

5 1 . (New) The method of claim 1 , wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

52. (New) The method of claim 13, wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
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a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

53. (New) The method of claim 19, wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

54. (New) The system of claim 22, wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

55. (New) The system of claim 26, wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
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and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

56. (New) The system of claim 28, wherein a selected backend application has a 
plurality of secure data objects having different security attributes, wherein each of the secure 
data objects corresponds to different interactions with the selected backend application, wherein 
a generic objects database is located in the portal server, wherein for each backend application 
the generic objects database includes a set of generic objects and associated security attributes 
for each potential user, wherein the set of generic objects correspond to the secure data objects, 
and wherein the generic objects stores at least those parts of the corresponding secure data 
objects that are needed for accessing and manipulating the secure data objects. 

57. (New) The article of manufacture of claim 30, wherein a selected backend 
application has a plurality of secure data objects having different security attributes, wherein 
each of the secure data objects corresponds to different interactions with the selected backend 
application, wherein a generic objects database is located in the portal server, wherein for each 
backend application the generic objects database includes a set of generic objects and associated 
security attributes for each potential user, wherein the set of generic objects correspond to the 
secure data objects, and wherein the generic objects stores at least those parts of the 
corresponding secure data objects that are needed for accessing and manipulating the secure data 
objects. 

58. (New) The article of manufacture of claim 42, wherein a selected backend 
application has a plurality of secure data objects having different security attributes, wherein 
each of the secure data objects corresponds to different interactions with the selected backend 
application, wherein a generic objects database is located in the portal server, wherein for each 
backend application the generic objects database includes a set of generic objects and associated 
security attributes for each potential user, wherein the set of generic objects correspond to the 
secure data objects, and wherein the generic objects stores at least those parts of the 
corresponding secure data objects that are needed for accessing and manipulating the secure data 
objects. 
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59. (New) The article of manufacture of claim 48, wherein a selected backend 
application has a plurality of secure data objects having different security attributes, wherein 
each of the secure data objects corresponds to different interactions with the selected backend 
application, wherein a generic objects database is located in the portal server, wherein for each 
backend application the generic objects database includes a set of generic objects and associated 
security attributes for each potential user, wherein the set of generic objects correspond to the 
secure data objects, and wherein the generic objects stores at least those parts of the 
corresponding secure data objects that are needed for accessing and manipulating the secure data 
objects. 
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